package edu.suda.scratcher.ippgserver.filter;

import java.io.IOException;
import javax.servlet.*;
import javax.servlet.http.*;
import javax.servlet.annotation.WebFilter;

@WebFilter(urlPatterns = "/actions/*")
public class ActionsLoginCheck extends HttpFilter {
	private static final long serialVersionUID = 1L;

    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest)request;
        String username = (String)req.getSession().getAttribute("username");
        
        // 如果没有登录则要求登录
        if (username!=null) {
            chain.doFilter(request, response);
        } else {
            ((HttpServletResponse)response).sendError(HttpServletResponse.SC_FORBIDDEN);
        }
	}
}
